On Wed, Jan 28, 2009 at 07:58:48AM -0500, Neil Horman wrote: > > FIPS 140-2 specifies that all access to various cryptographic modules be > prevented in the event that any of the provided self tests fail on the various > implemented algorithms. We already panic when any of the test in testmgr.c > fail when we are operating in fips mode. The continuous test in the cprng here > was missed when that was implmented. This code simply checks for the > fips_enabled flag if the test fails, and warns us via syslog or panics the box > accordingly. > > Signed-off-by: Neil Horman <nhorman@xxxxxxxxxxxxx> Patch applied. Thanks Neil. -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
